Published 12 Oct 2016
Studying the risk management dimension of the RESILIA Foundation course will enable people to better understand what is a threat, a vulnerability and an asset in the context of cyber resilience and how they combine to create a risk to the business. One way to understand the...
Cyber resilience|Examinations|RESILIA|Risk management|Threats|Vulnerability
Published 03 May 2016
The success of cyber security awareness learning in organizations today is, typically judged by the ‘ticking of a box’ to say it’s been done. But have organizations – and their managers responsible for information security awareness learning – really stopped to ask whether t...
Published 21 Mar 2017
AXELOS Community hosted Whaling Week, a look into the results of a successful Whaling attack in your organization. We now present four of the best replies from throughout the week. We appreciate all the responses we received throughout Whaling Week, we had a great time readi...
Behaviour|Cyber resilience|Cyber-attack|Data protection|Threats|Vulnerability
Published 02 Mar 2016
When thinking about cyber resilience, just how important do you believe the people in your organization are? All your people, from top to bottom? You have heard the expression, ‘ People, Process, and Technology’ a thousand times. But which is the most critical of the three...
Cyber resilience|Cyber-attack|Information management|Processes|RESILIA|Risk management|Vulnerability
Published 26 Mar 2015
In the world of cyber resilience, barely a week goes by without another company falling victim to cyber-attack – and to the penalties that can arise as a result. In February 2015, the UK Information Commissioner’s Office (ICO) fined insurance broker, Staysure, £175,000 after...
Behaviour|Best Practice|Cyber Resilience|Identity|Threats|Training|Vulnerability
Published 22 Oct 2015
If you think companies are out of the “cyber woods” in terms of risk, then you should think again. The latest research from insurance organization, Aon Risk Solutions , finds 90% of senior executives saying cyber risk is “not fully understood”, while 80% say companies are ...
Cyber-attack|Processes|Risk management|Senior team|Vulnerability
Published 02 Dec 2015
You only have to be a casual follower of the news to see that cyber attacks and the resulting damaging data breaches are happening with greater frequency. TalkTalk and JP Morgan are just two of the latest high profile companies to show their vulnerability to cyber crime....
Best Practice|Cyber Resilience|Cyber-attack|ITIL|Processes|RESILIA|Risk management|Vulnerability
Published 23 Dec 2015
A recent poll of City of London bosses by the Financial Times called on companies to hire a “younger generation of boardroom directors to head off the systemic threat that cyber risk poses to the financial system”.¹ I welcome business leaders openly discussing the signi...
Cyber Resilience|Cyber-attack|Information systems|Processes|Risk management|Skills|Vulnerability
Published 18 Jan 2016
How much do Small and Medium Sized Enterprises ( SMEs ) have to fear from cyber-attack? The high profile cyber attacks of the past year have involved much bigger commercial fish than companies in the SME market. But that doesn’t render them immune – far from it. 74% of s...
Cyber resilience|Cyber-attack|Data Protection|RESILIA|Risk management|Vulnerability
Published 30 Aug 2016
No matter how sophisticated an organization’s technical controls, there is always a risk of attack. In this day and age, with the great speed at which technology is advancing, the constant evolution of threats makes it impossible for any business to be 100% protected; what th...
Published 10 Feb 2017
Getting your awareness training right is essential for cyber resilience Cyber-related fraud is at its highest level since 2008 according to the latest research – a stark fact that makes information security awareness learning for employees more vital than ever. The recen...
Published 20 Jul 2016
Okay, I don’t usually quote Shakespeare, but there’s one line that I’ve remembered since I was at school in England. It comes from Othello : “Reputation, reputation, reputation! O, I have lost my reputation! I have lost the immortal part of myself.” All the publicity aro...
Cyber resilience|Cyber-attack|Identity|IT services|RESILIA|Vulnerability
Published 27 Jul 2016
During the run-up to the US election there’s been a lot of talk about who’s for real and who’s faking it. Who you would like to have a beer with, and who you’d trust with the economy. When I saw a headline about a ‘Fake President Scam’ the other day, I thought it was about ye...
Published 26 Jul 2017
Ever had the nightmare of your company being hacked and it making national news? Have you ever stood in front of your board and felt like saying ‘I told you so’? This is exactly what happened to one CSO (Chief Security Officer) in our real-life C yber Stories from the Frontl...
Published 24 Aug 2017
Phishing , Trojan Horses, Malware, Whaling , Denial of Service – these are all terms that have become common currency in the world of cyber security. With increasing public exposure of global organizations’ cyber security vulnerabilities , the language of cyber threats a...
Behaviour|Cyber resilience|Cyber security|Cyber-attack|RESILIA|Threats|Vulnerability
Published 17 Apr 2015
Politics often throws up examples of highly memorable, and equally emotive, language designed to make voters think a certain way about a particular party. The UK’s current election fever is no different, with politicians coining the rather loaded phrase, “Weaponizing the NHS...
Published 17 Aug 2016
Why is there an obsession with where a cyber-attack originates? In recent reports about attacks on SWIFT (the global financial messaging service) at various banks, there was speculation that it may have been the work of well-skilled and motivated groups creating malware. T...
Published 23 Apr 2015
When I read about the latest cyber attack in the press I wonder how the ordinary person in the street is responding to the same story. Do they feel interested or intrigued? Do they want to understand more? Do they feel that they have a part to play? I suspect most don’t but i...
Published 05 Oct 2016
Cyber security, today, is often very technology-based with a focus on technical issues such as firewalls and virus scanning software. While technology is an important part of the cyber defence, it is important not to neglect strategy in identifying what controls an organi...
Cyber resilience|Examinations|RESILIA|Risk management|Threats|Vulnerability
Published 21 Oct 2016
I n recent years Romania and, more broadly, South East Europe have become a hotbed for international IT services. Due to the region’s Internet of Everything approach, the IT market is booming and facilities like Security Operations Centres (SOCs) and Network Operation Centres...
Communication|Continual Service Improvement (CSI)|IT services|ITIL|Processes|Resource management
Published 27 Jul 2018
An AXELOS webinar – Protecting the reputation of UK Further and Higher Education with your greatest defence: your people – has highlighted how Further and Higher Education establishments are the ideal target for cyber attackers. Education institutions hold personal and fin...
Behaviour|Cyber Resilience|Cyber security|Cyber-Attack|RESILIA|Sensitive data|Threats|Vulnerability
Published 18 Mar 2019
Recently I had a fascinating meeting with the chief executive of a start-up company who are about to disrupt an established market – this was always going to be an interesting discussion! They have established that there is a ‘Delta’ in the performance of existing companie...
Agile|AgileSHIFT|Business solutions|Collaboration|Customer experience|Stakeholder engagement|Value
Published 25 Jun 2019
With tech-centric changes driving disruption all around us, AgileSHIFT has a simple indicator to help you assess the impact on your organization. The Delta is the difference between the 'target state' and the current performance level. The larger the delta, the more exposed...
Agile|AgileSHIFT|Business solutions|Change management|Digital transformation|Threats|Vulnerability
Published 01 Apr 2020
Companies worldwide are now realizing that cyber resilience is not just a “good to have”, but a necessity. It’s no longer a question of if but when risks will emerge and when vulnerabilities are exploited with threats relating to information assets such as data, syst...
Published 20 Mar 2020
One group who are clearly enjoying the coronavirus pandemic are cyber criminals. It’s proved yet another valuable opportunity for them to play on our fears, doubts and vulnerabilities through simple phishing scams . Yet, like regularly washing our hands to avoid getting sick...
Cyber resilience|Cyber security|Cyber-attack|Data protection|Threats|Vulnerability
Published 24 Mar 2020
The current coronavirus crisis has pushed ‘home and mobile working’ onto the front pages. Self-isolation is critically important as we work towards preventing the rapid spread of the virus. But how can we isolate ourselves from a different threat whilst working remotely or a...
Behaviour|BYOD|Cyber resilience|Cyber security|Cyber-attack|Data protection|Privacy|Threats|Vulnerability
Published 23 Apr 2020
Service continuity management, along with IT security, is top of the critical list for IT today – not least in the current global situation caused by Covid-19 . If you don’t have service continuity management and something major happens, it could ruin your business and – cl...
Cloud computing|Customer needs|Information systems|Infrastructure|IT service management (ITSM)|IT services|ITIL 4|Risk management|Service desk|Service management|Threats|Vulnerability
Published 06 Aug 2020
Happy, safe employees generally stay longer at their organizations, are more productive, and cause fewer incidents. Successful leaders know this and actively develop safety cultures— climates in which people are comfortable being (and expressing) themselves—to make sure that ...
Best practice|Communication|IT service management (ITSM)|ITIL 4
Published 24 Mar 2016
This is the first in a series of conversations with Nick Wilding and leading cyber resilience commentators and practitioners from around the world. Who should countries and companies learn from when thinking about cyber resilience? Estonia has been described in tech pub...
Published 29 Oct 2015
When Dido Harding, the CEO of TalkTalk, recently announced there was a chance that all their four million customers’ personal data might have been compromised, she could not have imagined the tsunami of press and media coverage that resulted. It all happened so quickly – 48 ...
Confidentiality|Cyber Resilience|Cyber-attack|Data Protection|Risk management|Sensitive data|Vulnerability
Published 16 Mar 2016
Christian Tijsmans is founder of Connect the Dotz and Paul Wilkinson is the owner/director of GamingWorks How critical is cyber security training for organizations? Not-for-profit IT governance body, ISACA said in its State of Cybersecurity report that 82% of board dire...
Cyber resilience|Cyber-attack|Learning|RESILIA|Risk management|Vulnerability
Published 25 May 2016
Just because you can connect a device to the internet doesn't mean you should. While connected devices (commonly called the “Internet of Things”) can deliver new services, there needs to be security, privacy and clear ownership of data. The endgame for the Internet of ...
Behaviour|Cyber resilience|Data protection|Processes|RESILIA|Sensitive data|Vulnerability
Published 08 Jun 2016
Dear Mr or Mrs Private Company Director – do you know who you are handing your personal information to and why? For all of you, there is an information security risk when third parties are asking for your personal details. Why? Do you know how securely they will treat your i...
Cyber resilience|Cyber-attack|Data protection|RESILIA|Vulnerability
Published 09 Aug 2016
The issue with Delta Air Lines’ computer system on 8 August 2016 created chaos for travellers around the world. The official reason for the systems crash was a power outage, initially described as something outside of Delta’s control, a claim that has not been backed up by t...
Information systems|IT Service Management (ITSM)|IT Services|Processes|Vulnerability
Published 24 Aug 2016
The risk of being held to ransom is no longer just a phenomenon of the physical world - the digital world is subject to the menace of Ransomware . Ransomware is where an attacker renders your computer system and your data unavailable to you through encrypting your data and ...
Published 03 Feb 2017
Board directors, business leaders and entrepreneurs are known as ‘whales’. You’re the big fish who holds the key to the really big prize for hackers. Whether that’s intellectual property, commercially and market sensitive information or simply money, there are hackers out the...
Published 16 Nov 2018
As part of the CBI Cyber Security Conference 2018 , Ciaran Martin, CEO of the National Cyber Security Centre hosted a Keynote session. Here are a few key takeaways from his session. There is a culture shift in business about cyber security and evidence that business l...
Cyber resilience|Cyber security|Cyber-attack|Governance|Threats|Vulnerability
Published 24 Jun 2015
Process implementation in IT Service Management (ITSM) comprises the steps we take to deliver services and the changes necessary to support the business moving forward.The purpose of IT is to be a business partner, ensuring anything that falls within the remit of delivering ...
Best Practice|Change management|Customer engagement|Frameworks|IT Service Management (ITSM)|Leadership|Processes
Published 20 Mar 2017
The internet plays a huge part in our lives: for work, staying in touch with our friends, shopping, playing games, studying or just watching some hilarious cat videos, we are spending more and more time online. We are bombarded with more and more information and the technol...
Published 20 Apr 2016
One hundred percent of US Fortune 100 companies use the ITIL framework to manage, govern and keep their IT environment safe, so why isn’t ITIL training a priority at all of these organizations? In the past, product lifecycles were longer. You would develop a product, pu...
IT Service Management (ITSM)|ITIL|Knowledge management|RESILIA|Skills|Training
Published 17 Oct 2016
What is currently a typical starting point when organizations are thinking about protection against cyber threat and how often is that the right place to start? Organizations can start from one of three places when thinking about protection against cyber threat: Strategic...
Published 12 Nov 2019
How well prepared are organizations for the activities of cyber criminals in 2019? Organizations want to feel their efforts have made a difference to answering the question “ are we secure? ” However, there is no perfect solution or ability to be 100% secure; the real aim is...
Behaviour|Cyber security|Cyber-attack|Data protection|Learning|Privacy|Senior management commitment|Senior team|Sensitive data